How to let a user, for e.g."user1" have exec permissions on only one job and when he logs in into WCC he should be able to force-start/start ONLY the particular job?

CA WAAE 11.3.*

CA EEM 12.*

Follow below steps to accomplish the above task:

1. 1. Create a global user in EEM e.g. user1
   2. Login to EEM selecting Workload Automation AE as the application.
   3. Navigate to as_job policy under "manage access policies"
   4. In the default access policy which grants permission to all the views, create a filter for your user so that he will be excluded from everybody else from accessing. The filter can be as follows:

WHERE global user: gu:UserName != value: val:user1

5. 
   Then create a new as_job policy to enforce the read and execute permissions on your user under "identity access control". Please refer the screenshot attached for this.

<Please see attached file for image>

6. 
   Click save.
   7. Login to WCC and check if this is working.